Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Enterprise Endpoint Security 代码问题漏洞
Vulnerability Description
Check Point Enterprise Endpoint Security是以色列Check Point公司的一种专注于传统端点和现代移动设备的高级防护。 Enterprise Endpoint Security E86.20 Windows Clients 存在安全漏洞,该漏洞源于用户可以访问发生安装修复的目录。 由于 MS 安装程序允许普通用户运行修复,攻击者可以启动安装修复并将特制的 EXE 放置在以 Check Point 远程访问客户端权限运行的修复文件夹中。
CVSS Information
N/A
Vulnerability Type
N/A